Posts tagged from

Google Exiles A Chinese Certificate Authority From The Web

Google is taking the unusual step of updating Chrome to effectively exile from the Web a Chinese firm tasked with vouchsafing the identity of websites. Google’s move against the Chinese Internet Network Information Center, or CNNIC, comes after the Chinese company allowed an Egyptian firm to issue fake certificates for Google domains.

Mozilla subsequently followed suit with its own CNNIC blackout in its Firefox browser, although it will apply only to certificates issued after April 1, 2015. 

Certificate authorities like CNNIC provide the crucial service of verifying that the website you’ve connected to is in fact who it says it is. They do so by issuing digital certificates to sites that browsers can check to ensure that you’ve connected, for instance, to your bank and not an imposter site that can harvest your password and other details. This process is largely invisible to the average Web user, but it underpins the workings of the modern Web.

Google and Mozilla said CNNIC delegated certificate authority to the Egypt-based intermediary MCS Holdings, which in turn issued the fake certificates for Google sites and installed them in “man in the middle” proxy software that could be used to snoop, undetected, on user email, chat and other communications via Google services.

Google security engineer Adam Langley said it was “a serious breach of the certificate authority system” and confirmed that CNNIC will no longer be trusted in an upcoming Chrome update.

Google didn’t provide a timeframe for that update, in order to allow website owners the chance to switch to a different certificate authority. Microsoft has also hinted that it will put a similar ban in place with Internet Explorer.

For its part, CNNIC claims the certificate was intended for testing and was installed on the wrong server due to a human error by MCS Holdings. In its official statement, Google admits this explanation “is congruent with the facts” but says “CNNIC still delegated their substantial authority to an organization that was not fit to hold it.” Mozilla likewise called CNNIC’s action an “egregious practice” that violated its policies on the proper handling and use of certificates.

Google As Gatekeeper

It’s the latest example of Google throwing its substantial weight around in policing the Web—even when its intentions are good, the Mountain View firm carries an almost unstoppable level of clout in making decisions about security and fraud on the Internet, and that means the average Web user is essentially at the whim of Google’s choices.

In a statement posted online, CNNIC called Google’s decision “unacceptable and intelligible.” It went on to say “CNNIC sincerely urge that Google would take users’ rights and interests into full consideration.” CNNIC’s concern is that users will find themselves unfairly locked out of email sites, banking portals and other secured domains verified by the firm.

This tone seems at odds with the diplomatic one used by Google, with Langley hinting that everything could eventually return to normal: “We applaud CNNIC on their proactive steps, and welcome them to reapply once suitable technical and procedural controls are in place.” That would be likely to take a significant amount of time, however.

After this particular kerfuffle has died down, the incident is unlikely to register on the radar of the average Gmail or Google Drive user—indeed, you need a high level of technical knowledge to even understand what’s happened. Nevertheless, it’s a reminder of the need to keep our online guardians under close scrutiny while they make decisions on our behalf.

Photo by MDrX

View full post on ReadWrite

April Fools’ 2015 For the Search World: From Super Smart Google Panda To Backwards Google

Google, Bing and Kenshoo are bringing the funny today, polluting the web with gags galore.

The post April Fools’ 2015 For the Search World: From Super Smart Google Panda To Backwards Google appeared first on Search Engine Land.



Please visit Search Engine Land for the full article.

View full post on Search Engine Land: News & Info About SEO, PPC, SEM, Search Engines & Search Marketing

April Fools’ Day 2015: Everything From Google Panda Bears & Keyless Keyboards To Moz Snapchat Support

Google, Bing, Moz and more are bringing the funny today, polluting the web with gags galore.

The post April Fools’ Day 2015: Everything From Google Panda Bears & Keyless Keyboards To Moz Snapchat Support appeared first on Search Engine Land.



Please visit Search Engine Land for the full article.

View full post on Search Engine Land: News & Info About SEO, PPC, SEM, Search Engines & Search Marketing

Click-to-Call Deep Dive: Best Practices from Search Experts – April 16 Webcast

Tips for search marketers trying to turn mobile callers into customers.

The post Click-to-Call Deep Dive: Best Practices from Search Experts – April 16 Webcast appeared first on Search Engine Land.



Please visit Search Engine Land for the full article.

View full post on Search Engine Land: News & Info About SEO, PPC, SEM, Search Engines & Search Marketing

Google Still Dominant, But Baidu Benefitting From Google Ban In China Says eMarketer

As China’s search revenue share continues to grow, Google will largely be missing out while its sites are blocked on the mainland.

The post Google Still Dominant, But Baidu Benefitting From Google Ban In China Says eMarketer appeared first on Search Engine Land.



Please visit Search Engine Land for the full article.

View full post on Search Engine Land: News & Info About SEO, PPC, SEM, Search Engines & Search Marketing

SEO 101: Getting Started in Local SEO (From Scratch) – Search Engine Journal


Search Engine Journal
SEO 101: Getting Started in Local SEO (From Scratch)
Search Engine Journal
Local SEO is the process of optimizing your business so it shows up in the search engines to people searching locally for your services. Whether you're a dentist, restaurant, or yoga studio, the only customers that matter for your business are people
The Missing Link Building Tip For Local SEOSearch Engine Land

all 2 news articles »

View full post on SEO – Google News

SEO 101: Getting Started in Local SEO (From Scratch) by @SearchHighway

By following these amazingly simple steps, you can have your local business showing up in front of people within your city who are looking for your services (you don’t even need to know anything about SEO get it started!).

The post SEO 101: Getting Started in Local SEO (From Scratch) by @SearchHighway appeared first on Search Engine Journal.

View full post on Search Engine Journal

Choi Ji Woo Wins Approval From ‘The ‘Grandpas Over Flowers’ – KDramaStars


KDramaStars
Choi Ji Woo Wins Approval From 'The 'Grandpas Over Flowers'
KDramaStars
The "Grandpas Over Flowers" stars Lee Soon Jae, Shin Goo, Park Geun Hyung and Baek Il Sub are off to explore a new country. Accompanied by Hallyu star Choi Ji Woo and their usual baggage carrier, actor Lee Seo Jin, the grandpas will travel to Greece …

and more »

View full post on SEO – Google News

Reviewing ‘Everybody Writes’ From A New Writer’s Perspective #SEJBookClub by @MarketingCath

A book review of Ann Handley’s Everybody Writes: Your Go-To Guide to Creating Ridiculously Good Content.

The post Reviewing ‘Everybody Writes’ From A New Writer’s Perspective #SEJBookClub by @MarketingCath appeared first on Search Engine Journal.

View full post on Search Engine Journal

How Google’s New “On-Body” Lock Can Shield Your Phone From Spies

Google just released a new security feature that locks your smartphone automatically when you put it down, one first tipped by Android Police. (Google describes the feature here; scroll down to “When you’re carrying your device on you.”)

Designed to prevent unauthorized access to your phone’s data by thieves, the “on-body” feature uses the built-in accelerometer to detect motion, so it knows know when the device has been left open and unattended. That’s when the feature kicks in to lock the gadget down.

In most cases, you’ll still have to unlock your phone manually when you pick it up. But so long as you’ve got it stashed in your pocket, you’re holding it in your hand or you’ve passed it to a friend, the device remains unlocked.

There’s a side benefit, too: People are most likely to leave their phones around unlocked when they’re home, so the “on-body” lock should ably block the prying eyes of a spouse, parent or roommate. 

See also: Put Away That Passcode: Android Devices Will Soon Unlock One Another

Android Police reports that the “on-body detection” feature, discovered on a Nexus 4 with Android 5.0.1, has since been spotted on several other devices, including most Nexuses. It further explains:

This doesn’t seem to be a feature related to Android 5.1, but you probably need 5.0+ for it to work. We do know our tipster has the most recent version of Play Services (we tried with the same version on our Nexuses, and no dice), and we know trusted places is enabled by Google Play Services, so it seems likely this on-body detection mode is probably activated similarly, and isn’t part of the core OS.

The security feature is Google’s latest, but certainly not only smart lock. Lollipop (Android 5.0) offered a convenience feature that unlocked Android mobile devices when a saved Bluetooth gadget, like a smartwatch, or a gadget previously connected via wireless NFC came near.

Photo by Adriana Lee for ReadWrite

View full post on ReadWrite

Go to Top
Copyright © 1992-2015, DC2NET All rights reserved